SOLUTIONS

This mode of operation turns THOR into a RESTful web service that is able to process thousands of samples per minute sent from any device within the network. Think of it as your ultra-fast on-premise scan service, which is bundled with more than 30,000 hand-crafted YARA rules focusing on persistent threats and forensic artifacts. Collect files and submit them for analysis from any operating system and any hardware platform. The possibilities are limitless.

​

During forensic investigations, automated file collection (ESI) from one or multiple remote systems can be combined with THOR Thunderstorm to improve the forensic anylsis. Alerts and warnings produced by THOR Thunderstorm highlight interesting elements in file data, registry hives, eventlog files and more.

​

ICS networks are mission critical, requiring immediate and high-availability. The installation of an endpoint agent or running a portable scanner is often out of question. With THOR Thunderstorm, you just have to collect and submit the files.

 

Since file collection is a lot easier than endpoint scanning, all you need is way to export the remote system’s files or directly send them to THOR Thunderstorm. Imagine that you can collect and submit files from network devices, telephone systems or embedded devices.

​

File collection scripts for many old or usually unsupported operating systems allow you to upload samples for analysis.

 

Select files based on size, age or type and schedule frequent upload tasks to analyze only new or modified files.

Esperto Consultants is the authorized Partner for Nextron System's THOR Thunderstorm solution in India.